summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2001-10-21 03:25:34 +0000
committerAndrew Tridgell <tridge@samba.org>2001-10-21 03:25:34 +0000
commitbbcd9deb07fe0cfcb2911093e1c99d30b210e7d2 (patch)
tree855359f48d003658dba234f3d9a4297a523d8176 /source3
parentcbe31055f8deb5844b34e8f1b32e27c830d134ed (diff)
downloadsamba-bbcd9deb07fe0cfcb2911093e1c99d30b210e7d2.tar.gz
samba-bbcd9deb07fe0cfcb2911093e1c99d30b210e7d2.tar.bz2
samba-bbcd9deb07fe0cfcb2911093e1c99d30b210e7d2.zip
made smbclient cope better with arbitrary principle forms
(This used to be commit d1341d74b7aa5f6b3f72e5409b245f87f1ad670b)
Diffstat (limited to 'source3')
-rw-r--r--source3/libsmb/cliconnect.c4
-rw-r--r--source3/libsmb/clikrb5.c12
-rw-r--r--source3/libsmb/clispnego.c15
3 files changed, 10 insertions, 21 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index e24f081c69..11825ab036 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -387,6 +387,8 @@ static BOOL cli_session_setup_kerberos(struct cli_state *cli, char *principle, c
{
DATA_BLOB blob2, negTokenTarg;
+ d_printf("Doing kerberos session setup\n");
+
/* generate the encapsulated kerberos5 ticket */
negTokenTarg = spnego_gen_negTokenTarg(cli, principle);
@@ -509,6 +511,8 @@ static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user,
int i;
BOOL got_kerberos_mechanism = False;
+ d_printf("Doing spnego session setup\n");
+
/* the server might not even do spnego */
if (cli->secblob.length == 16) {
DEBUG(3,("server didn't supply a full spnego negprot\n"));
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c
index 5fef97c571..98e27fb9c4 100644
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@@ -28,8 +28,7 @@
static krb5_error_code krb5_mk_req2(krb5_context context,
krb5_auth_context *auth_context,
const krb5_flags ap_req_options,
- const char *service,
- const char *realm,
+ const char *principle,
krb5_ccache ccache,
krb5_data *outbuf)
{
@@ -39,10 +38,9 @@ static krb5_error_code krb5_mk_req2(krb5_context context,
krb5_creds creds;
krb5_data in_data;
- retval = krb5_build_principal(context, &server, strlen(realm),
- realm, service, NULL);
+ retval = krb5_parse_name(context, principle, &server);
if (retval) {
- DEBUG(1,("Failed to build principle for %s@%s\n", service, realm));
+ DEBUG(1,("Failed to parse principle %s\n", principle));
return retval;
}
@@ -89,7 +87,7 @@ cleanup_princ:
/*
get a kerberos5 ticket for the given service
*/
-DATA_BLOB krb5_get_ticket(char *service, char *realm)
+DATA_BLOB krb5_get_ticket(char *principle)
{
krb5_error_code retval;
krb5_data packet;
@@ -114,7 +112,7 @@ DATA_BLOB krb5_get_ticket(char *service, char *realm)
if ((retval = krb5_mk_req2(context,
&auth_context,
0,
- service, realm,
+ principle,
ccdef, &packet))) {
goto failed;
}
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index c421d75913..bcce0f6173 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -271,24 +271,11 @@ BOOL spnego_parse_krb5_wrap(DATA_BLOB blob, DATA_BLOB *ticket)
*/
DATA_BLOB spnego_gen_negTokenTarg(struct cli_state *cli, char *principle)
{
- char *p;
- fstring service;
- char *realm;
DATA_BLOB tkt, tkt_wrapped, targ;
const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_NTLMSSP, NULL};
- fstrcpy(service, principle);
- p = strchr_m(service, '@');
- if (!p) {
- DEBUG(1,("Malformed principle [%s] in spnego_gen_negTokenTarg\n",
- principle));
- return data_blob(NULL, 0);
- }
- *p = 0;
- realm = p+1;
-
/* get a kerberos ticket for the service */
- tkt = krb5_get_ticket(service, realm);
+ tkt = krb5_get_ticket(principle);
/* wrap that up in a nice GSS-API wrapping */
tkt_wrapped = spnego_gen_krb5_wrap(tkt);